looks like how security training could be abused
source: http://www.securitydump.com/content141.htmlAccording to the SANS Institute a professor at an undisclosed university recently assigned a practical for his computer-security class.
The practical, which is worth 15 percent of the students final grade, requires students to perform reconnaissance on an internet server using open source security tools.
While the university is allowing the practical to continue it has also stated that the techniques should not be performed on their own web servers. If students are caught performing any scans against university computers then it would prompt: "Disabling their student account and referring them to the Student Dean of Corrections."
Apparently the university considers it ok to mandate students to perform the scans on other internet servers, just not their own.
A recent update to the blog has indicated that the professor may be reconsidering the assignment.
For more information: http://isc.sans.org/diary.php?storyid=1155
Reply With Quote